ISO9001 2015 Checklist

COMPASS ASSURANCE SERVICES PTY LTD

ISO 9001:2015 MANAGEMENT

SYSTEMS - REQUIREMENTS

SELF-ASSESSMENT CHECKLIST

NOTE: THIS IS A SIMPLIFIED SUMMARY OF THE REQUIREMENTS OF ISO 9001:2015 QUALITY MANAGEMENT SYSTEM – REQUIREMENTS FOR THE SPECIFIC PURPOSE OF HELPING ORGANISATIONS UNDERTAKE A PRELIMINARY CHECK OF THEIR READINESS FOR AN ISO 9001:2015 AUDIT OR ASSESSMENT.

REQUIRED DOCUMENTED INFORMATION

Documented information needed to be maintained by you for the purpose of establishing the QMS

(a) The scope of the QMS (clause 4.3)

(b) Documented information to support the operation of processes (clause 4.4)

(c) The Quality Policy (clause 5) (d) The quality objectives (clause 6.2)

UNDERSTANDING THE ORGANISATION AND ITS CONTEXT

(a) Have we determined external and internal issues relevant to the QMS achieving its aim

(b) Do we monitor and review these issues

DETERMINING THE SCOPE OF THE QUALITY MANAGEMENT

SYSTEM

Have we determined the boundaries of the QMS when establishing its scope.

Did we consider:

(a) external and internal issues

(b) the requirements of relevant interested parties (c) our products and/or services

Have we documented the scope?

Have we considered this standard and have we justified any exclusion?

4.1

QUALITY MANAGEMENT SYSTEM

4.2

UNDERSTANDING THE NEEDS AND EXPECTATIONS OF

INTERESTED PARTIES

(a) Have we determined what interested parties are relevant to the QMS and what are their requirements

(b) Do we monitor and review this

4.4

QUALITY MANAGEMENT SYSTEM AND ITS PROCESSES

Have we determined

(a) the processes for the system and how they are to be applied (b) the inputs and outputs for those processes

(c) how processes interrelate

(d) methods to operate and control processes

(e) resources and their availability and responsibilities

Have we evaluated risks and opportunities, processes and their implementation As necessary, have we got documented information, that gives us confidence that we are carrying out activities as planned?

5.1

LEADERSHIP AND COMMITMENT

Can we demonstrate top management is providing leadership and commitment to the QMS including taking accountability for:

(a) the QMS

(b) policy and objectives being compatible with strategy (c) integration of the QMS into business systems

(d) promoting process and risk approach (e) ensuring the QMS is resourced

(f) communicating the QMS

(g) ensuring the QMS achieves its intended results (h) promoting improvement

(i) supporting others

5.1.2

CUSTOMER FOCUS

Can we demonstrate that top management actively provides leadership by ensuring:

(a) customer requirements and applicable statutory and regulatory requirements are determined and met

(b) risks and opportunities that can affect the products and services are determined and addressed

(c) customer satisfaction determined, maintained and enhanced

5.2

QUALITY POLICY

Have we ensured the Policy

(a) is appropriate to the organisation

(b) has a commitment to meet requirements and continually improve the system

(c) has a framework to set objectives (d) is communicated and understood (e) available as documented information

(f) available to interested parties as appropriate

5.3

ORGANIZATIONAL ROLES, RESPONSIBILITIES AND AUTHORITIES

Have we assigned and communicated responsibilities and authorities to ensure:

(a) the QMS conforms to the standard (b) processes deliver their outputs

6 Planning

ACTIONS TO ADDRESS RISKS AND OPPORTUNITIES

Have we determined the risks and opportunities that need to be addressed to:

(a) assure the QMS achieves its intended results

(b) avoid or mitigate negative effects, enhance positive effects (c) achieve improvement

Have we planned:

(a) actions to address these risks and opportunities (b) how to integrate these actions into the QMS

QUALITY OBJECTIVES AND PLANNING TO ACHIEVE THEM

6.2

In planning how to achieve our quality objectives, have we determined

(a) what will be done

(b) what resources will be required (c) who will be responsible

(d) when it will be completed

(e) how the results will be evaluated

PLANNING OF CHANGES

Where we need to make changes to the QMS is it planned and do we consider:

(a) the purpose and potential consequences (b) the integrity of the QMS

(c) the availability of resources

(d) changes to responsibilities and authorities

6.1

6.2.1

(a) consistent with the policy

(b) measurable, monitored, communicated and updated as appropriate

(c) relevant to conformity of products and services and the enhancement of customer satisfaction and take into account all applicable requirements

Do we retain documented information on the quality objectives?

6.2.2

RESOURCES

7 Support

7.1

7.1.1

General

Have we determined and provide the resources needed for the QMS?

Have we considered

(a) the capabilities of, and constraints on existing resources (b) what needs to be obtained from external providers

7.1.2

People

Have we provided the persons necessary for the QMS

Infrastructure

Do we provide and maintain the necessary infrastructure (such as buildings, technology, equipment)

7.1.3

7.1.5

7.1.4

Environment for the operation of processes

Do we provide and maintain the environment necessary for operations

(such as temperature, humidity, ergonomics and cleanliness).

Monitoring and Measuring Resources

Have we ensured that the resources provided:

(a) are suitable for the specific type of monitoring and measurement activities being undertaken

(b) are maintained to ensure their continued fitness for their purpose

Have we retained appropriate documented information as

evidence?

Have we processes in place to

(a) verify or calibrate measurement instruments against reliable standards

(b) identify measurement instruments in order to determine their calibration status

(c) safeguarded measurement instruments from adjustments, damage or deterioration

Have corrective actions been undertaken when issues arise with measurement instruments

COMPETENCE

Do we

(a) determine the necessary competence of person(s) that could affect the QMS

(b) ensure that these person(s) are competent on the basis of appropriate education, training, or experience

(c) take actions to access the necessary competence where applicable (d) retain appropriate documented information as evidence of competence

7.2

AWARENESS

Have we ensured that person(s) doing work under the control of our business are aware of

(a) the quality policy and relevant quality objectives

(b) their contribution to the effectiveness of the QMS, including the benefits of improved quality performance

(c) the implications of not conforming with the quality management system requirements

7.3

COMMUNICATION

Have we determined the internal and external communications relevant to the QMS including:

(a) what will be communicated (b) when to communicate (c) with whom to communicate (d) how to communicate

(e) Who communicates

7.4

7.1.6

ORGANIZATIONAL KNOWLEDGE

Have we determined and made available the knowledge necessary for

(a) the operation of our processes and

(b) achieving conformity of products and services

Do we determine how to access additional knowledge for addressing change in our business

Control of documented Information

Do we ensure documented information required by the QMS are controlled to ensure:

(a) it is available and suitable for use (b) it is adequately protected

Do we take into consideration these factors

(a) distribution, access, retrieval and usage (b) storage and preservation

(c) version control

(d) retention and disposition

(e) external documents are identified as appropriate, and controlled.

7.5

DOCUMENTED INFORMATION

7.5.1

General

Does our QMS include

(a) documented information required by the standard

(b) documented information necessary for the effectiveness of the QMS

Creating and updating

Do we ensure we have

(a) identification and description (such as a title, date, author, or reference number)

(b) review and approval

7.5.3

7.5.2

Creating and updating

Do we ensure we have

(a) identification and description (such as a title, date, author, or reference number)

OPERATIONAL PLANNING AND CONTROL

Have we planned, implemented and controlled our processes

Have we

(a) determined the requirements for our products and services

(b) established criteria for the processes and the acceptance of products and services

(c) determined the resources needed (d) implemented controls

(e) retained documented information as necessary to demonstrate processes have been carried out effectively and product conformance

(f) planned changes and reviewed issues,

(g) ensured that outsourced processes are controlled

8.1

8 Operation

8.2

REQUIREMENTS FOR PRODUCTS AND SERVICES

Customer communication

Have we established processes for communicating with customers about:

(a) our products and services (b) enquiries, contracts or orders (c) feedback including complaints (d) handling their property

(e) contingency processes

8.2.1

8.2.2

Determining requirements related to products and

services

For our products and services have we determined the following requirements:

(a) applicable statutory and regulatory (b) those we feel are necessary

Can we meet the claims for the products and services we offer?

8.2.3

Review of requirements related to products and services

Before committing to supply do we ensure can we meet:

(a) requirements specified by the customer (b) requirements necessary for intended use (c) requirements specified by us

(d) statutory and regulatory requirements (e) contract or order requirements

Do we

(a) ensure that contract or order requirements differing from those previously defined are resolved

(b) confirm requirements before acceptance of the order (c) retain documented information as applicable describing

the results of the review, including any new or changed requirements for the products and services

Changes to requirements for products and services

Have we

(a) ensured that documented information is amended and that relevant personnel are made aware of the changed requirements when requirements for products and services are changed

8.2.4

8.3

DESIGN AND DEVELOPMENT OF PRODUCTS AND SERVICES

8.3.2

8.3.1

General

Have we have a design and development process for products and services that is appropriate

Design and Development planning

In determining the stages and controls for design and development, have we considered:

(a) the nature, duration and complexity of the activities (b) stages including review

(c) verification and validation (d) responsibilities and authorities (e) internal and external resources

8.3.3

Design and development Inputs

Have we considered:

(a) functional and performance requirements (b) similar designs

(c) statutory and regulatory requirements (d) standards or codes of practice

(e) potential consequences of failure due to the nature of the products and services

Have we ensured inputs are adequate, complete, and unambiguous and all conflicts are resolved

Have we retained documented information on design and development inputs

Design and development controls

Do our controls ensure

(a) the results to be achieved are defined

(b) reviews are conducted to ensure designs will meet requirements (c) verification is conducted to ensure that design outputs will meet the

defined inputs

(d) validation ensures products and services are capable of meeting the specified requirements or intended use

(e) actions are taken on problems

(f) documented information of these activities is retained.

8.3.4

8.3.5

Design and development outputs

Have we ensured that outputs:

(a) meet the input requirements (b) are adequate for production

(c) reference monitoring and measuring requirements, and acceptance criteria, as applicable

(d) specify the characteristics of the products and services that are essential for their intended purpose and their safe and proper use

8.3.6

Design and development changes

Do we ensure there is no adverse impact on conformity when changes are made during design and development

Do we keep documented information on

(a) design and development changes (b) results of reviews

(c) authorisation of changes

(d) Actions taken to prevent adverse impacts

CONTROL OF EXTERNALLY PROVIDED PRODUCTS AND SERVICES

8.4

8.4.1

General

Do we ensure that externally provided processes, products, and services conform to specified requirements and do we apply appropriate controls when:

(a) products and services are provided by external providers for incorporation into our products and services

(b) products and services are provided directly to the customer(s) by external providers on our behalf

(c) a process or part of a process is provided by an external provider

Have we established and applied a criteria for the

(a) evaluation (b) selection

(c) monitoring

(d) re-evaluation of external providers

Do we retain appropriate documented information

8.4.2

Type and extent of control

Do we

(a) ensure externally provided processes are controlled within our QMS

(b) define controls over the process and the output

(c) consider impacts to meet statutory and client requirements (d) determine verification requirements

8.4.3

Information for external providers

Have we communicated to external providers our requirements related to:

(a) the processes, products or services to be provided (b) approval or release of products and services, methods,

processes or equipment

(c) competence of personnel, including necessary qualifications

(d) their interactions with us

(e) control and monitoring we require

(f) verification activities to be performed at their premises

8.5

PRODUCTION AND SERVICE PROVISION

Control of production and service provision

Is production undertaken under controlled conditions

This may include (as applicable)

(a) documented information about the products and services or activities to be performed

(b) monitoring and measurement activities (c) infrastructure and environment

(d) the availability and use of suitable monitoring and measuring resources

(e) competent persons (f) actions to prevent errors

(g) release, delivery and post-delivery activities

8.5.1

8.5.2

Identification and traceability

Do we identify outputs where it is necessary to ensure conformity? Do we identify the status of outputs?

Do we control the unique identification of outputs where traceability is required?

Do we retain documented information necessary to maintain traceability?

8.5.3

Property belonging to customers or external providers

Do we exercise care with property belonging to the customer or external providers?

Have we identified, verified, protected and safeguarded the customer’s or external provider’s property?

When property of the customer or external provider is lost or damaged do we report to the provider and keep documented information on what occurred?

(includes materials, components, tools and equipment, customer premises, intellectual property and personal data)

Preservation

Do we ensure preservation of process outputs during production to maintain conformity to requirements?

(can include identification, handling, packaging, storage, transmission or transportation and protection)

8.5.4

Post-delivery activities

Do we meet requirements for post-delivery activities associated with the products and services

(Post-delivery activities can include warranty, contractual obligations, maintenance services, recycling or final disposal)

Do we consider:

(a) statutory and regulatory requirements

(b) the potential undesired consequences associated with our products and services

(c) the nature, use and intended lifetime of our products and services

(d) customer requirements and feedback

8.5.5

8.5.6

Control of changes

Do we review and control changes in production to ensure continuing conformity with requirements

Do we retain documented information of the review of changes to production including authorisation and any necessary actions

8.6

RELEASE OF PRODUCTS AND SERVICES

Do we have planned processes at appropriate stages of production to verify that requirements have been met

Do we ensure product is not released until this is completed

Do we retain documented information of evidence of conformity with the acceptance criteria and traceability to persons authorizing release

CONTROL OF NONCONFORMING OUTPUTS

Do we ensure product that does not conform to requirements are identified and controlled to prevent their unintended use or delivery

Do we take appropriate corrective action

Do we deal with nonconforming products in one or more of the following ways:

(a) correction

(b) segregation, containment, return or suspension of production (c) informing the customer

(d) obtaining authorization for acceptance under concession Do we re-verify when products are corrected?

Do we retain documented information describing the non-conformance, actions taken, concessions obtained and authorisations

9 Performance Evaluation

MONITORING, MEASUREMENT, ANALYSIS AND EVALUATION

9.1

9.1.1

General

Have we determined

(a) what needs to be monitored and measured (b) the methods

(c) when monitoring and measurement is to be done (d) when results will be analysed and evaluated Do we evaluate the effectiveness of the QMS Do we retain documented information of this

9.1.2

Customer satisfaction

Do we monitor customer perceptions

(this can include customer satisfaction surveys, customer

feedback, market-share analysis, compliments, warranty claims and dealer reports)

Have we determined how we will obtain, monitor and review this information

9.1.3

Analysis and evaluation

Do we analyse and evaluate appropriate data

Do we use the results to evaluate

(a) product conformity (b) customer satisfaction

(c) the performance and effectiveness of the QMS and any improvements needed

(d) if planning has been implemented effectively

(e) the effectiveness of actions taken to address risks and opportunities

INTERNAL AUDIT

9.2

9.2.1

(a) Conforms to our requirements

(b) Conforms to the requirements of 9001:2015 (c) Is effectively implemented and maintained

9.2.2

(a) planned and implemented an effective audit program (b) defined the criteria and scope for each audit

(c) selected auditors to ensure objectivity and impartiality (d) ensured that the results are reported to relevant

management

(e) taken necessary correction and corrective actions without undue delay

9.3.3

Outputs

(a) opportunities for improvement (b) changes to the QMS

(c) resources

Do we retain documented information as evidence of the results of management reviews

9.3

MANAGEMENT REVIEW

9.3.1

Does our Top management review our QMS at planned

intervals

9.3.2

Inputs

(a) the status of actions from previous management reviews (b) changes in external and internal issues relevant to the QMS

(c) information on the QMS including

− customer satisfaction and stakeholder feedback − quality objectives performance

− product performance and conformity − nonconformance and corrective action

− monitoring and measurement including audits − external providers

− process performance and conformity of products and services;

(d) adequacy of resources

(e) actions taken regarding risk and opportunity (f) improvement

10 Improvement

10.1

GENERAL

Have we determined and selected opportunities for improvement and implement necessary actions including:

(a) improving products and services

(b) correcting, preventing or reducing undesired effects; (c) improving the performance and effectiveness of the QMS

NONCONFORMITY AND CORRECTIVE ACTION

10.2

When a nonconformity occurs, including complaints, do we:

(a) react to the nonconformity, and as applicable: − take action to control and correct it − deal with the consequences

(b) evaluate the need for action to eliminate the cause(s) by:

− reviewing and analysing − determining the causes

− determining if similar nonconformities exist, or could potentially occur

(c) implement any action needed

(d) review the effectiveness of any corrective action taken

(e) make changes to the QMS if necessary

10.2.1

10.2.2

(a) the nature of the nonconformities and any subsequent actions taken

10.3

CONTINUAL IMPROVEMENT

Do we

(a) continually improve the effectiveness of the QMS

(b) consider the outputs of analysis and management reviews to identify opportunities for continual improvement

(c) encourage Compass Assurance Services to keep improving and remain a valuable partner to us